Flexible method of user authentication
First Claim
1. A method of authorizing a user to selectively access stored files, the method comprising:
- authorizing a user to access a system having files stored thereon, wherein authorizing the user comprises—
determining two or more available user information entry devices from a plurality of different user information entry devices in communication with the system, wherein each of the different user information entry devices is associated with a corresponding distinct security level;
determining an authorization method from a plurality of different authorization methods, wherein the plurality of different authorization methods require data from the two or more corresponding available user information entry devices;
receiving user authorization information from the two or more available user information entry devices and combining the corresponding distinct security levels into an authorization level for the authorization method;
selecting stored data corresponding to the level of authorization; and
registering the received user authorization information against the selected stored data to perform at least one of identifying and authorizing the user at the authorization level;
upon authorization of the user, retrieving a plurality of password identifiers, individual password identifiers being associated with a password, and individual passwords providing access to a file;
receiving an indication of a selected password identifier; and
providing a password associated with the selected password identifier to an application to access the file.
2 Assignments
0 Petitions
Accused Products
Abstract
A method of authorizing a user in communication with a workstation is disclosed. According to the method, a system automatically determines a plurality of available user information entry devices in communication with the workstation. The system then determines predetermined user authorization methods each requiring data only from available user information entry devices. The user then selects one of the determined authorization methods for use in user authorization. Optionally, each authorization method is associated with a security level relating to user access to resources. Once the authorization method is selected, the user provides user authorization information in accordance with a determined user authorization method and registration proceeds.
-
Citations
24 Claims
-
1. A method of authorizing a user to selectively access stored files, the method comprising:
-
authorizing a user to access a system having files stored thereon, wherein authorizing the user comprises— determining two or more available user information entry devices from a plurality of different user information entry devices in communication with the system, wherein each of the different user information entry devices is associated with a corresponding distinct security level; determining an authorization method from a plurality of different authorization methods, wherein the plurality of different authorization methods require data from the two or more corresponding available user information entry devices; receiving user authorization information from the two or more available user information entry devices and combining the corresponding distinct security levels into an authorization level for the authorization method; selecting stored data corresponding to the level of authorization; and registering the received user authorization information against the selected stored data to perform at least one of identifying and authorizing the user at the authorization level; upon authorization of the user, retrieving a plurality of password identifiers, individual password identifiers being associated with a password, and individual passwords providing access to a file; receiving an indication of a selected password identifier; and providing a password associated with the selected password identifier to an application to access the file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method of updating a password associated with a plurality of files, the method comprising:
-
receiving a request from a user to change the password; authorizing the user by— determining at least two available input devices from a plurality of different input devices in communication with a system, wherein the different input devices are associated with corresponding different degrees of security; determining an authorization method from a plurality of different authorization methods, wherein the plurality of different authorization methods require data from the at least two corresponding available input devices; combining the different degrees of security to obtain an authorization level for the determined authorization method having an associated security level sufficient for accessing the password; and authorizing the user according to the determined authorization method with data received from the determined at least two available input devices; determining the plurality of files associated with the password; receiving an indication of a new password; and securing the plurality of files with the new password. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method of updating a password associated with a plurality of files, the method comprising:
-
receiving a request from a user to change the password; authorizing the user by— determining two or more available input devices from a plurality of different input devices in communication with a system, wherein the different input devices are associated with corresponding different degrees of security; determining an authorization method from a plurality of different authorization methods, wherein the plurality of different authorization methods require data from a two or more corresponding available user input devices, the determined authorization method having a security level calculated by combining the degrees of security from the two or more available input devices, and wherein the determined two or more available input devices and corresponding authorization method have an associated security level sufficient for accessing the password; and authorizing the user according to the determined authorization method with data received from the determined two or more available input devices; determining the plurality of files associated with the password; receiving an indication of a new password; securing the plurality of files with the new password; identifying a security breach; and receiving an automatic password change request upon identification of the security breach. - View Dependent Claims (24)
-
Specification